I am tracing this attack back to Cloudflare, but this is not Cloudflare's fault, this is my own damn fault for not enabling the Cloudflare module to have the attacker's real fuqqqking IP logged. I know they're around/from Germany/Netherlands/Europe region though since their location of the CDN is that direction.

Owner

Why would you want to take over WordPress admin? It is a matter of finding a vulnerable plugin usually, then you inject malicious database queries to either steal admin, inject your own admin account, or in some way exploit their WordPress installation to gain access.. I could show you an example if you want but I am not doing this for malicious purposes. I think information should be free to learn how to defend..